A blog to share security, networking and cloud related technology information as @vCloudernBeer picked up on his search for his destiny in the cloud. (LinkedIn: https://www.linkedin.com/in/chowanthony)

Monday, November 24, 2014

Amazon Web Services Part 3: EC2 Container Service

At the AWS Re:Invent conference, Amazon announced a new feature: "EC2 Container Service" (ECS).

Wait, if my compute instance is Linux based, I can install Docker on that instance, so what does this new feature do for me? In fact, users can create and manage Docker containers in AWS Elastic Beanstalk.

If we look into this, we find that the new feature is also described as "Container Management for the AWS Cloud". Deploying containers in the cloud is easy, but this is exactly why we need a management system to keep things under control and to provide additional benefits for customers deploying container-based applications. As container technology becomes more and more mature with the help of Docker, we need to have management tools in place. In my opinion, as with virtual machines, later on we will need complete monitoring and orchestration tools to provide autoscaling functionality. And as the trend goes, policy will be defined, just like what OpenStack Congress does.

On November 13, 2014, I blogged about Docker in OpenStack, where Heat is used to manage containers. Both Google and Microsoft use the open source Kubernetes to manage containers in their respective cloud offerings.

ECS Benefits
During the product announcement in the AWS Re:Invent conference keynote, there was a slide showing the benefits of this new EC2 Container Service:

image source: http://blog.docker.com/media/ec2.png

If you cannot see the image, the 4 benefits are:

Native Docker support for AWS customers

Significantly easier to manage Docker apps

Integrated with Docker Hub

Enable app portability

ECS Terminologies
On the Amazon blog, Jeff Barr (@jeffbarr) has an article with a list of terms that helps us understand EC2 Container Service:

Cluster - A cluster is a pool of EC2 instances in a particular AWS Region, all managed by EC2 Container Service. One cluster can contain multiple instance types and sizes, and can reside within one or more Availability Zones.

Scheduler - A scheduler is associated with each cluster. The scheduler is responsible for making good use of the resources in the cluster by assigning containers to instances in a way that respects any placement constraints and simultaneously drives as much parallelism as possible, while also aiming for high availability.

Container - A container is a packaged (or "Dockerized," as the cool kids like to say) application component. Each EC2 instance in a cluster can serve as a host to one or more containers.

Task Definition - A JSON file that defines a Task as a set of containers. Fields in the file define the image for each container, convey memory and CPU requirements, and also specify the port mappings that are needed for the containers in the task to communicate with each other.

Task - A task is an instantiation of a Task Definition consisting of one or more containers, defined by the work that they do and their relationship to each other.

ECS-Enabled AMI - An Amazon Machine Image (AMI) that runs the ECS Agent and dockerd. We plan to ECS-enable the Amazon Linux AMI and are working with our partners to similarly enable their AMIs.
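
To make the Task Definition entry concrete, here is an added example (not from Jeff Barr's article or from AWS) that reviews a constructed task definition before it is registered: it totals the CPU and memory the scheduler has to find on one instance, and flags unpinned Docker Hub images and host port collisions. The sample JSON, the function name and the checks themselves are assumptions made for illustration.

```python
import json

# Constructed sample (not from the original post). Field names follow the ECS
# task definition format: family, containerDefinitions, image, cpu, memory,
# portMappings with containerPort/hostPort.
SAMPLE_TASK_DEFINITION = """
{
  "family": "web-demo",
  "containerDefinitions": [
    {"name": "web", "image": "nginx:1.7.7", "cpu": 256, "memory": 128,
     "portMappings": [{"containerPort": 80, "hostPort": 8080}]},
    {"name": "cache", "image": "redis", "cpu": 128, "memory": 256,
     "portMappings": [{"containerPort": 6379, "hostPort": 8080}]}
  ]
}
"""


def review_task_definition(text):
    """Return (total_cpu_units, total_memory_mib, findings) for one task."""
    task = json.loads(text)
    totals = {"cpu": 0, "memory": 0}
    findings = []
    host_ports = {}  # hostPort -> name of the container that claimed it
    for c in task.get("containerDefinitions", []):
        name = c.get("name", "<unnamed>")
        image = c.get("image", "")
        # The tag follows ':' in the last path component, so a registry
        # port such as registry.example:5000/app is not read as a tag.
        tag = image.rsplit("/", 1)[-1].partition(":")[2]
        if tag in ("", "latest"):
            findings.append(f"{name}: image '{image}' is not pinned to a version")
        for field in totals:
            value = c.get(field)
            if isinstance(value, int) and value > 0:
                totals[field] += value
            else:
                findings.append(f"{name}: missing or invalid '{field}'")
        # All containers of a task share one instance, so a host port can
        # only be bound once per task.
        for mapping in c.get("portMappings", []):
            port = mapping.get("hostPort")
            if port and port in host_ports:
                findings.append(f"{name}: host port {port} already used by {host_ports[port]}")
            elif port:
                host_ports[port] = name
    return totals["cpu"], totals["memory"], findings


if __name__ == "__main__":
    print(review_task_definition(SAMPLE_TASK_DEFINITION))
```
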

ECS Function

From the Amazon Web Services official web site, EC2 Container Service is a highly scalable, high performance container management service that supports Docker containers and allows users to:

Easily run distributed applications on a managed cluster of Amazon EC2 instances.

Launch and stop container-enabled applications with simple API calls, allows you to query the state of your cluster from a centralized service, and gives you access to many familiar Amazon EC2 features like security groups, EBS volumes and IAM roles.

Schedule the placement of containers across your cluster based on your resource needs, isolation policies, and availability requirements.

Eliminates the need for you to operate your own cluster management and configuration management systems or worry about scaling your management infrastructure.

The smallest unit for EC2 Container Service to manage is a cluster. In the terminology section above, a cluster is defined as a pool of Amazon resources in an AWS Region. When we look at the product details of ECS, it is described as a tool for "complete visibility and control of your cluster from creating and terminating Docker containers to viewing detailed cluster state information".

Future Direction

In my opinion, in a cloud the ability to meter and monitor is an important aspect, especially for a public cloud where resources are being charged for. Amazon had not announced anything on this yet at AWS Re:Invent. As of this writing, this feature is still in preview status - FREE. As the container technology in Amazon Web Services becomes more mature, it is very possible that it will become a paid service. After all, the purpose of AWS is to make money.

Another area that has potential for container technology to grow is PaaS. Red Hat is using container technology for its PaaS offering, and I think AWS will be catching up in this area also.

Network Function Virtualization with containers is a hot topic these days, but it seems AWS is not doing much in the networking area.